Attacks Against Wireless Networks


If you’re planning to take the SY0-501 version of the Security+ exam, you should have a basic understanding of several known attacks against wireless networks. Most can be avoided by using strong security protocols such as WPA2 with CCMP. In contrast, WPA is vulnerable to many attacks, especially if it is using TKIP.

For example, can you answer this question?

Q. Mobile users in your network report that they frequently lose connectivity with the wireless network on some days, but on other days they don’t have any problems. You suspect this is due to an attack. Which of the following attacks is MOST likely causing this problem?

A. Wireless jamming

B. IV

C. Replay

D. Bluesnarfing

More importantly, do you know why the correct answer is correct and the incorrect answers are incorrect? The answer and explanation are available at the end of this post.

Jamming Attacks

Attackers can transmit noise or another radio signal on the same frequency used by a wireless network. This interferes with the wireless transmissions and can seriously degrade performance. This type of denial-of-service attack is commonly called jamming and it usually prevents all users from connecting to a wireless network. In some cases, users have intermittent connectivity because the interference causes them to lose their association with the AP and forces them to try to reconnect.

In some cases, you can increase the power levels of the AP to overcome the attack. Another method of overcoming the attack is to use different wireless channels. Each wireless standard has several channels you can use, and if one channel is too noisy, you can use another one. Although this is useful to overcome interference in home networks, it won’t be as effective to combat an interference attack. If you switch channels, the attacker can also switch channels.

NFC Attacks

Near field communication (NFC) is a group of standards used on mobile devices that allow them to communicate with other mobile devices when they are close to them. For example, you can share pictures, contacts, and other data with friends. One person shares the data, and after placing the smartphones close to each other, the other person selects it to download.

During an NFC attack, an attacker uses an NFC reader to capture data from another NFC device. One method is an eavesdropping attack. The NFC reader uses an antenna to boost its range, and intercepts the data transfer between two other devices.

A more advanced attack was discovered by security researchers in 2012. They designed Trojan malware and installed it on an Android-based smartphone. They used the Trojan to initiate a payment. The NFC reader was then able to capture the payment data and use it in a live payment transaction. Google quickly modified Google Wallet to prevent this type of attack.

Bluetooth Attacks

Bluetooth is a short-range wireless system used in personal area networks (PANs) and within networks. A PAN is a network of devices close to a single person. Bluetooth devices include smartphones, headsets, and computer devices.

The range of Bluetooth was originally designed for about three meters (about 10 feet), but the range is often farther, and ultimately extends beyond a person’s personal space. Attackers have discovered methods of exploiting these networks. Some common attacks are bluejacking, bluesnarfing, and bluebugging:

  • Bluejacking is the practice of sending unsolicited messages to nearby Bluetooth devices. Bluejacking messages are typically text, but can also be images or sounds. Bluejacking is relatively harmless, but does cause some confusion when users start receiving messages.
  • Bluesnarfing refers to the unauthorized access to, or theft of information from, a Bluetooth device. A bluesnarfing attack can access information, such as email, contact lists, calendars, and text messages. Attackers use tools such as hcitool and obexftp.
  • Bluebugging is like bluesnarfing, but it goes a step further. In addition to gaining full access to the phone, the attacker installs a backdoor. The attacker can have the phone call the attacker at any time, allowing the attacker to listen in on conversations within a room. Attackers can also listen in on phone conversations, enable call forwarding, send messages, and more.

When Bluetooth devices are first configured, they are configured in Discovery mode. Bluetooth devices use MAC addresses, and in Discovery mode the Bluetooth device broadcasts its MAC address, allowing other devices to see it and connect to it. This is required when pairing Bluetooth devices.

In earlier versions of Bluetooth, this pairing process could happen any time a device is in Discovery mode. However, most software vendors have rewritten their software to prevent this. Today, users typically manually pair the device. If a user doesn’t acknowledge an attempted pairing, it fails. As a result, Bluetooth attacks are rare today. However, if a device doesn’t require a user to manually pair a device, it is still susceptible to these attacks.

Wireless Replay Attacks

In a replay attack, an attacker captures data sent between two entities, modifies it, and then attempts to impersonate one of the parties by replaying the data. WPA2 using CCMP and AES is not vulnerable to replay attacks. However, WPA using TKIP is vulnerable to replay attacks.

WPA uses a sequence counter to number the packets and an access point will reject packets received out of order. Additionally, TKIP uses a 64-bit Message Integrity Check (MIC) to verify the integrity of the packets. While this sounds secure, security experts identified a method to discover the MIC key. After discovering the key, an attacker can transmit and decrypt packets. Later, other security experts improved this attack allowing them to launch a replay attack. This is one of the reasons that TKIP was deprecated in 2012 and should not be used.
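The two receiver-side checks described above (a per-sender sequence counter plus a 64-bit MIC) can be sketched as follows. This is an added example, not code from the study guide or from any WPA implementation: the MIC is a truncated HMAC-SHA256 standing in for TKIP's own algorithm, and the frame layout, names, and key are constructed for illustration. The last case shows why recovery of the MIC key matters: the counter check alone does not stop a party who holds the key.

```python
import hashlib
import hmac
import struct

MIC_LEN = 8  # 64-bit tag, the MIC size mentioned in the text


def compute_mic(key: bytes, sender: str, counter: int, payload: bytes) -> bytes:
    # Stand-in MIC (assumption): truncated HMAC-SHA256, not TKIP's real algorithm.
    # The counter is covered by the MIC so it cannot be changed without the key.
    msg = sender.encode() + struct.pack(">Q", counter) + payload
    return hmac.new(key, msg, hashlib.sha256).digest()[:MIC_LEN]


def build_frame(key: bytes, sender: str, counter: int, payload: bytes) -> dict:
    return {"sender": sender, "counter": counter, "payload": payload,
            "mic": compute_mic(key, sender, counter, payload)}


class Receiver:
    def __init__(self, key: bytes):
        self.key = key
        self.last_counter = {}  # sender -> highest counter accepted so far

    def accept(self, frame: dict) -> str:
        expected = compute_mic(self.key, frame["sender"],
                               frame["counter"], frame["payload"])
        if not hmac.compare_digest(expected, frame["mic"]):
            return "reject: bad MIC"
        if frame["counter"] <= self.last_counter.get(frame["sender"], -1):
            return "reject: replayed or out-of-order counter"
        # State advances only after both checks pass.
        self.last_counter[frame["sender"]] = frame["counter"]
        return "accept"


def demo() -> list:
    key = b"constructed-demo-key"          # constructed sample key
    rx = Receiver(key)
    f1 = build_frame(key, "sta-1", 1, b"hello")
    f2 = build_frame(key, "sta-1", 2, b"transfer")
    results = [rx.accept(f1), rx.accept(f2)]
    results.append(rx.accept(f2))                   # verbatim replay
    results.append(rx.accept(dict(f2, counter=3)))  # counter bumped, old MIC
    results.append(rx.accept(f1))                   # older captured frame
    # A party that has recovered the MIC key can mint a fresh counter value.
    results.append(rx.accept(build_frame(key, "sta-1", 3, b"transfer")))
    return results


if __name__ == "__main__":
    for outcome in demo():
        print(outcome)
```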


Q. Mobile users in your network report that they frequently lose connectivity with the wireless network on some days, but on other days they don’t have any problems. You suspect this is due to an attack. Which of the following attacks is MOST likely causing this problem?

A. Wireless jamming

B. IV

C. Replay

D. Bluesnarfing

Answer is A. A wireless jamming attack is a type of denial-of-service (DoS) attack that can cause wireless devices to lose their association with access points and disconnect them from the network. None of the other attacks are DoS attacks.

An initialization vector (IV) attack attempts to discover the passphrase.

A replay attack captures traffic with the goal of replaying it later to impersonate one of the parties in the original transmission.

Bluesnarfing is a Bluetooth attack that attempts to access information on Bluetooth devices.

See Chapter 4 of the CompTIA Security+: Get Certified Get Ahead: SY0-501 Study Guide for more information on wireless attacks.

Copyright © 2020 Get Certified Get Ahead. All Rights Reserved.